19 matches found
EUVD-2019-4212
Malware in sbrugna...
EUVD-2018-7258
Malware in sbrugna...
EUVD-2019-4211
Malware in sbrugna...
EUVD-2018-7285
Malware in sbrugna...
EUVD-2019-10221
Malware in sbrugna...
EUVD-2018-7301
Malware in sbrugna...
CVE-2019-1975
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerabilit...
Authentication flaw
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could explo...
CVE-2019-12620 Cisco HyperFlex Software Counter Value Injection Vulnerability
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could explo...
CVE-2019-12620 Cisco HyperFlex Software Counter Value Injection Vulnerability
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device. The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could explo...
CVE-2019-1975 Cisco HyperFlex Software Cross-Frame Scripting Vulnerability
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerabilit...
CVE-2019-12621
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. The vulnerability is due to insufficient key management. An attacker could exploit this vulnerability by obtaining a specific encryption key for the cluster. A...
CVE-2019-1958 Cisco HyperFlex Software Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected...
Cisco HyperFlex Software Cross-Site Request Forgery Vulnerability
Cisco HyperFlex Software is the United States Cisco Cisco company's set of scalable distributed file system. The system provides unified computing, storage and networking through cloud management, and provides enterprise-class data management and optimization services. A cross-site request forger...
CVE-2019-1664
A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the...
CVE-2019-1664 Cisco HyperFlex Software Unauthenticated Root Access Vulnerability
A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the...
Cisco HyperFlex Software Information Disclosure Vulnerability
Cisco HyperFlex Software is a scalable distributed file system from Cisco USA. The system provides unified compute, storage and networking through cloud management, providing enterprise-class data management and optimization services. An information disclosure vulnerability exists in the...
CVE-2018-15423
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...
Cisco HyperFlex UI Clickjacking Vulnerability
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...